Report - jamesashpe.netlify.app/weber-county-plat-maps/

Report Overview

Submitted URL
jamesashpe.netlify.app/weber-county-plat-maps/
IP
34.141.11.154
ASN
#396982 GOOGLE-CLOUD-PLATFORM
Submitted
2023-01-14 13:54:58
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.co.weber.ut.us	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	9.6 kB	204.152.132.23
unseenreport.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	846 B	192.243.61.227
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
www.familysearch.org	68255	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	908 B	30 kB	45.223.164.251
cdn.barscreative1.com	25648	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	488 B	2.4 kB	45.133.44.3
www.statcounter.com	11621	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	380 B	104.20.218.77
pl15637392.profitablegate.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	416 B	21 kB	173.233.139.164
friendshipmale.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	34 kB	172.64.166.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.165.255.253
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	810 B	830 B	52.28.184.54
cdn.creative-bars1.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	74 kB	172.64.167.9
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.3 kB	23.36.76.226
www.dynamospatial.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	459 B	5.9 kB	157.230.203.39
www.webercountyutah.gov	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	877 B	1.8 MB	204.152.132.23
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	53 kB	34.120.237.76
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	964 B	104.18.32.68
c.statcounter.com	7772	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	844 B	722 B	104.20.218.77
jamesashpe.netlify.app	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	12 kB	34.141.72.9
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	216.58.211.3
planesknob.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.5 kB	7.9 kB	173.233.137.60
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.4 kB	93.184.220.29
toxicrookie.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	449 B	467 B	173.233.137.52
pl15637520.profitablegate.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	416 B	14 kB	173.233.137.44
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	100 kB	142.250.74.35
server.arcgisonline.com	12952	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	445 B	19 kB	143.204.55.40
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	1.9 kB	54.230.245.110
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	431 B	746 B	142.250.74.74
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	9.8 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-14	medium	friendshipmale.com/sfp.js	Malware
2023-01-14	medium	cdn.barscreative1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-14	medium	toxicrookie.com	Sinkholed
2023-01-14	medium	planesknob.com	Sinkholed
2023-01-14	medium	planesknob.com	Sinkholed
2023-01-14	medium	planesknob.com	Sinkholed
2023-01-14	medium	planesknob.com	Sinkholed
2023-01-14	medium	planesknob.com	Sinkholed
2023-01-14	medium	unseenreport.com	Sinkholed
2023-01-14	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	jamesashpe.netlify.app/wp-content/themes/iconic-one/js/selectnav.js	4.2 kB	2023-03-07	2024-03-12
Pretty URL jamesashpe.netlify.app/wp-content/themes/iconic-one/js/selectnav.js IP 34.141.11.154 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:54 Last Seen2024-03-12 00:36:58 Times Seen159 Hash 9d398fa34eea4b634e81caceade85fb1 308315b285c15b0b69562a685cabd93c177bf684 fa74e2efe166bec2fe4d9a036c2de5bab6837a4d6da7c56bf41cc8697edb9d3d Loading...

	www.statcounter.com/counter/counter.js	44 kB	2023-03-07	2024-03-30
Pretty URL www.statcounter.com/counter/counter.js IP 104.20.218.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:55 Last Seen2024-03-30 16:46:15 Times Seen13 Hash 366890db672c87ff79dd22a7534643d2 e7b0da6b49f35363f125deb595ff67ccb0dc222c 38773f599cca495f0904c3d5a9981fc081b743a8d9aa106ed17e0d9b03ae6598 Loading...

	http:blank	601 B	2023-03-12	2023-03-12
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:14:35 Last Seen2023-03-12 23:14:35 Times Seen1 Hash 64c4e4658999d4feba1f0d8f03b821d5 d70d0abb09dbc710044ccca39b226e42c86feba6 fb6165de60725f84760e1f4177baaf567d613be0aecfb2fd298bb7b3c366cba2 Loading...

	pl15637392.profitablegate.com/39/14/ae/3914ae10bf633009de6069ed0bb8ca33.js	60 kB	2023-03-12	2023-03-12
Pretty URL pl15637392.profitablegate.com/39/14/ae/3914ae10bf633009de6069ed0bb8ca33.js IP 173.233.139.164 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:14:35 Last Seen2023-03-12 23:14:35 Times Seen1 Hash d14311e25e0d1b3de4411b22ebc89d99 f25d8fd8d8a8d209b9d9e2e6263e8a1f98eecf3e 271ee354c7218d77ce7804f72f91e3e0dd2309f1524e7868715309bb9919e093 Loading...

	pl15637520.profitablegate.com/a9/81/cc/a981cc90b26126cbeaa22d88f6178a02.js	37 kB	2023-03-12	2023-03-12
Pretty URL pl15637520.profitablegate.com/a9/81/cc/a981cc90b26126cbeaa22d88f6178a02.js IP 173.233.137.44 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:14:35 Last Seen2023-03-12 23:14:35 Times Seen1 Hash 0c8ae14943a0d0481789eb4946e32188 83318e54a15d58a39e7050ba75259b7168fbef9b c722a4990963da9a81455c7b7c9490a5044e97d1979e4f89d804b61a056d748e Loading...

	jamesashpe.netlify.app/weber-county-plat-maps/	77 B	2023-03-12	2023-03-12
Pretty URL jamesashpe.netlify.app/weber-county-plat-maps/ IP 34.141.72.9 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:14:35 Last Seen2023-03-12 23:14:35 Times Seen1 Hash a526f066ed2a3a4dac0ea05402baa13f 4a1ae40ba7686dfa70c2d74bd9a0cc9293ad204b 8b9c4a0886d1403fe88b4bb669700464391fd2e366163b26365be10ad8851929 Loading...

HTTP Transactions (79)

URL IP Response Size

jamesashpe.netlify.app/weber-county-plat-maps/

34.141.72.9

301 Moved Permanently

69 B

URL HTTP/1.1
jamesashpe.netlify.app/weber-county-plat-maps/
IP
34.141.72.9:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with no line terminators
Size
69 B (69 bytes)
Hash
1d3f5c4a32019fccc8b499a2a32b2aa9
42532bddd9a9f8d2ac7d77b5c3f2e39466d2da8e
0a63d9000c824ce5176b91814de3f3a3275cb46af10dc592d87ee535ecf5b788

HTTP Headers

GET /weber-county-plat-maps/ HTTP/1.1
Host: jamesashpe.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Location: https://jamesashpe.netlify.app/weber-county-plat-maps/
Server: Netlify
X-Nf-Request-Id: 01GPR8ZEDKE1J0XKB1H5XJFPZZ
Date: Sat, 14 Jan 2023 13:54:47 GMT
Content-Length: 69
Content-Type: text/plain; charset=utf-8

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a8b4f1afb0e830b797238d34ab9254aa
e011acef3d05c959a65205d53b651ecd18a889fe
f7ceff5b4fda083c7449b7298c232224cf48a632dcb87233b646790de207d49c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7CEFF5B4FDA083C7449B7298C232224CF48A632DCB87233B646790DE207D49C"
Last-Modified: Thu, 12 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12790
Expires: Sat, 14 Jan 2023 17:27:57 GMT
Date: Sat, 14 Jan 2023 13:54:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0643dc6b6fed33b3537160b6bb77bcbf
aa43bd1fbb30d2219f3285c1ee4991ffb33562c5
f137438e30e0d69cba77ca2eb736687873e4a9c06cf88d23c6d55ea930fde09f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F137438E30E0D69CBA77CA2EB736687873E4A9C06CF88D23C6D55EA930FDE09F"
Last-Modified: Sat, 14 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7081
Expires: Sat, 14 Jan 2023 15:52:48 GMT
Date: Sat, 14 Jan 2023 13:54:47 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 14 Jan 2023 13:48:55 GMT
content-type: application/json
age: 352
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
64765d3d978fd74d7bc47d55d4f097cf
92eb3f0d55ba99be28105c0b28ef7dd456817f1f
761aab02513e7a0ec55ea59109e88b39cbd4e17df0cd2035aa37a4693f22d1f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "761AAB02513E7A0EC55EA59109E88B39CBD4E17DF0CD2035AA37A4693F22D1F3"
Last-Modified: Thu, 12 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7520
Expires: Sat, 14 Jan 2023 16:00:07 GMT
Date: Sat, 14 Jan 2023 13:54:47 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 1Wlgc9zw6OhcbgjmIRcuoFe5/RBnki2sgMDlZr+YGlw/28AY6welBwfDdluWkRIH8iB5nlyZh3XjgfSwOKDZcg==
x-amz-request-id: R4DSZS3CJ9NWQGD7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 14 Jan 2023 13:43:45 GMT
age: 662
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
ad44fdf892ab547da4f0297c5992e655
a755d380069df0d19abe0158fb05b4e4312e54f6
141bc6b7bb0b3ae3ed54e0d384bcf13102482ecf7b966f45e61b895522169b1d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5200
Cache-Control: max-age=160732
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 13:54:47 GMT
Etag: "63c270b3-13a"
Expires: Mon, 16 Jan 2023 10:33:39 GMT
Last-Modified: Sat, 14 Jan 2023 09:06:59 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 13:54:47 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b5628887325331ad3d660f7208e1995c
9e4bf04468a7aed126488ccb5552a8e02610f6dd
5cd181d6728fc5f0f4d88407b97af61db39c5a38feebdeb2c21335cf4402fca4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 13:54:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b5628887325331ad3d660f7208e1995c
9e4bf04468a7aed126488ccb5552a8e02610f6dd
5cd181d6728fc5f0f4d88407b97af61db39c5a38feebdeb2c21335cf4402fca4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 13:54:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 14 Jan 2023 13:17:25 GMT
age: 2243
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
087971e4912a6c829deb60511a8e5fbd
114fdd591d2f06d91b2de5a8ccdfcf3f17c2cf38
b1a12bbe968ffe498e052e8dc146b6e174f78be1142ab9bfee31474f16f29393

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B1A12BBE968FFE498E052E8DC146B6E174F78BE1142AB9BFEE31474F16F29393"
Last-Modified: Fri, 13 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=921
Expires: Sat, 14 Jan 2023 14:10:09 GMT
Date: Sat, 14 Jan 2023 13:54:48 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c01ec61f7ca77158f474b3ab519c12fa
fc82ae0fcd73a83a980b75709a08e65239894e4a
f533e0fac9b92e79d4fbd6e70b42a83067de95f0a13cc737d7e5fa459baa4c54

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1830
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 13:54:48 GMT
Last-Modified: Sat, 14 Jan 2023 13:24:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

pl15637392.profitablegate.com/39/14/ae/3914ae10bf633009de6069ed0bb8ca33.js

173.233.139.164

200 OK

21 kB

URL HTTP/1.1
pl15637392.profitablegate.com/39/14/ae/3914ae10bf633009de6069ed0bb8ca33.js
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type
HTML document, ASCII text, with very long lines (60132), with no line terminators
Size
21 kB (20701 bytes)
Hash
a904c49f8d2ca08ccf3697e27399688e
663de691a2fc055446c61479f29b83b590df8603
7e250b933a08617bac1747341e477f511539dc0d07fe9355cc9a904f1b52b866

HTTP Headers

GET /39/14/ae/3914ae10bf633009de6069ed0bb8ca33.js HTTP/1.1
Host: pl15637392.profitablegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 13:54:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d867a7601e72d3b2eb2d567d2de585cc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

pl15637520.profitablegate.com/a9/81/cc/a981cc90b26126cbeaa22d88f6178a02.js

173.233.137.44

200 OK

13 kB

URL HTTP/1.1
pl15637520.profitablegate.com/a9/81/cc/a981cc90b26126cbeaa22d88f6178a02.js
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (37113), with no line terminators
Size
13 kB (13402 bytes)
Hash
af3bce5cda57596c78e483454ab8245f
1fd91e19e84ed472af0255d2642186cba61a6d4b
739a5b5862142f5c43cb91711f7de92d2709a712051520c5621484d760f111db

HTTP Headers

GET /a9/81/cc/a981cc90b26126cbeaa22d88f6178a02.js HTTP/1.1
Host: pl15637520.profitablegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 13:54:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ab637dc38c37457aa2119d1a8b3ac92b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

jamesashpe.netlify.app/wp-content/themes/iconic-one/custom.css

34.141.11.154

404 Not Found

1.2 kB

URL HTTP/2
jamesashpe.netlify.app/wp-content/themes/iconic-one/custom.css
IP
34.141.11.154:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (331)
Size
1.2 kB (1245 bytes)
Hash
3530ab3fb068ffb26ab9b3e9184cfcbe
5abe9ee23f42cb727de0567589872f2f5aad57c7
18c9246dec79e05803b6c95c0247f989bf655c1e1809d591b2be37f8bf6f2e22

HTTP Headers

GET /wp-content/themes/iconic-one/custom.css HTTP/1.1
Host: jamesashpe.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/weber-county-plat-maps/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 14 Jan 2023 13:54:48 GMT
etag: 1592756346-ssl-df
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GPR8ZFW9QETA62HKWZGK3C4K
content-length: 1245
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
76237ec279f24af78ed3bdc74ae6b65e
863b83d52ad01b97e03127b8f7303e75d79e2978
0b270314f74ba5dc8288d46482ea4e08b2b701326382ad16e88fbf73762dac3e

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "0B270314F74BA5DC8288D46482EA4E08B2B701326382AD16E88FBF73762DAC3E"
Last-Modified: Fri, 13 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7345
Expires: Sat, 14 Jan 2023 15:57:13 GMT
Date: Sat, 14 Jan 2023 13:54:48 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
df489559868985b8815baa1cfaaff191
cb804ae84a7d8c2b6580c97caa484cfb515c1435
ecfca9383aa4ff0bc88dc975918610d1406ac9198e68d26a731a589b073b3ead

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 13:54:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.co.weber.ut.us/gis/images/st_guidemap.jpg

204.152.132.23

404 Not Found

2.2 kB

URL HTTP/1.1
www.co.weber.ut.us/gis/images/st_guidemap.jpg
IP
204.152.132.23:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
2.2 kB (2174 bytes)
Hash
98d0c68f68b59e84f64f452e28c27fa8
cb179f9826c44b90fadb3ae95e1ddc166e58dfdd
c53771e7911e3673ee58ff07c23afde463c93005b556172183c0bb7185a351a1

HTTP Headers

GET /gis/images/st_guidemap.jpg HTTP/1.1
Host: www.co.weber.ut.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 404 Not Found
Date: Sat, 14 Jan 2023 13:54:47 GMT
Server: Apache
X-Powered-By: PHP/7.4.16
Content-Length: 2174
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

www.co.weber.ut.us/gis/images/Precinct_Map_South.jpg

204.152.132.23

404 Not Found

2.2 kB

URL HTTP/1.1
www.co.weber.ut.us/gis/images/Precinct_Map_South.jpg
IP
204.152.132.23:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
2.2 kB (2174 bytes)
Hash
98d0c68f68b59e84f64f452e28c27fa8
cb179f9826c44b90fadb3ae95e1ddc166e58dfdd
c53771e7911e3673ee58ff07c23afde463c93005b556172183c0bb7185a351a1

HTTP Headers

GET /gis/images/Precinct_Map_South.jpg HTTP/1.1
Host: www.co.weber.ut.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 404 Not Found
Date: Sat, 14 Jan 2023 13:54:47 GMT
Server: Apache
X-Powered-By: PHP/7.4.16
Content-Length: 2174
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

142.250.74.35

200 OK

35 kB

URL HTTP/2
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Size
35 kB (34852 bytes)
Hash
0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

HTTP Headers

GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jamesashpe.netlify.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 13:33:12 GMT
expires: Sat, 13 Jan 2024 13:33:12 GMT
cache-control: public, max-age=31536000
age: 87696
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
df489559868985b8815baa1cfaaff191
cb804ae84a7d8c2b6580c97caa484cfb515c1435
ecfca9383aa4ff0bc88dc975918610d1406ac9198e68d26a731a589b073b3ead

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 13:54:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

35.165.255.253

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.165.255.253:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: h81iy7AihkmOfmjoCyJnHQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oBzOY8tMZ4afhVt9rGMZJCWTjSQ=

fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

142.250.74.35

200 OK

30 kB

URL HTTP/2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 29752, version 1.0\012- data
Size
30 kB (29752 bytes)
Hash
ab1fc8621287e4ea9319a3136812cf80
fb4ed2e52e2a8d7ac50a7618a0c2ea5507a24ef3
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

HTTP Headers

GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jamesashpe.netlify.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 08 Jan 2023 03:18:10 GMT
expires: Mon, 08 Jan 2024 03:18:10 GMT
cache-control: public, max-age=31536000
age: 556598
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
df489559868985b8815baa1cfaaff191
cb804ae84a7d8c2b6580c97caa484cfb515c1435
ecfca9383aa4ff0bc88dc975918610d1406ac9198e68d26a731a589b073b3ead

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 13:54:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

server.arcgisonline.com/ArcGIS/rest/services/World_Imagery/MapServer/tile/9/191/97

143.204.55.40

200 OK

19 kB

URL HTTP/1.1
server.arcgisonline.com/ArcGIS/rest/services/World_Imagery/MapServer/tile/9/191/97
IP
143.204.55.40:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Size
19 kB (18909 bytes)
Hash
9e5ad681c6c0dcbc4a3eb425a0c5f05f
5c554f93f08671ca342668d26d261885218624a4
44240b96cd811be8d698f836988d29db8e51b4de639f956a53583f894811756b

HTTP Headers

GET /ArcGIS/rest/services/World_Imagery/MapServer/tile/9/191/97 HTTP/1.1
Host: server.arcgisonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 18909
Connection: keep-alive
Date: Sat, 14 Jan 2023 13:54:48 GMT
Server: Apache
ETag: "am4l5rvv52ruf"
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
X-Robots-Tag: noindex
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xv4iJxqGaf_pdGBUXUTvWK4stNiZ8fFZQLLIO0nawr3N4JJfuGjFZQ==

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
736c958448b6596d24bb99f0cf0b232d
c8137445dd9df3a26faeead5af609bf1a51654cf
f625ce9a12c763fcaa2fff8d6410de8f9f0ea6673531e6fc6d00e0f4ffe7a17d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 14 Jan 2023 13:54:48 GMT
Last-Modified: Sat, 14 Jan 2023 13:40:44 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 39ZnBa7bp8-p5CCOMOjtVtkaEsNLnD6RYsyUdWEr6zAO0fsGJiu_pg==
Age: 844

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
736c958448b6596d24bb99f0cf0b232d
c8137445dd9df3a26faeead5af609bf1a51654cf
f625ce9a12c763fcaa2fff8d6410de8f9f0ea6673531e6fc6d00e0f4ffe7a17d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 14 Jan 2023 13:54:48 GMT
Last-Modified: Sat, 14 Jan 2023 13:44:40 GMT
Server: ECS (nyb/1D22)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dDR9pNWWu8uoZ5luFqunvdLP1PuzEOITcbFCQA594vFPy6zQeDu5yg==
Age: 608

simplewebanalysis.com/stats

52.28.184.54

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.28.184.54:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
766bfe82190f15fe0630384059309f03
49142e74aff4fbb0a74ee6b077203d4d7bc19d26
d685b08c582702c6b94381f98d54f3d4b2d789f804ea25468098667be6120f87

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jamesashpe.netlify.app
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 13:54:49 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://jamesashpe.netlify.app
access-control-allow-credentials: true
set-cookie: uid_id2=579d0324-e18b-49d3-a831-fc9251e581f0:3:1; expires=Tue, 11 Jan 2033 13:54:49 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

www.familysearch.org/wiki/en/img_auth.php/thumb/a/a0/Ut-weber.png/200px-Ut-weber.png

45.223.164.251

301 Moved Permanently

185 B

URL HTTP/2
www.familysearch.org/wiki/en/img_auth.php/thumb/a/a0/Ut-weber.png/200px-Ut-weber.png
IP
45.223.164.251:0
ASN
#19551 INCAPSULA

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
185 B (185 bytes)
Hash
4c555068310076e85908835c721911f5
9ec990aabb4391e139034f68e5e657e0f1d0b74d
568b4de0ad30e85670e724dc30ccb675924353b77807356c5ad7f29c8c38f510

HTTP Headers

GET /wiki/en/img_auth.php/thumb/a/a0/Ut-weber.png/200px-Ut-weber.png HTTP/1.1
Host: www.familysearch.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 185
date: Sat, 14 Jan 2023 13:54:48 GMT
server: nginx/1.14.2
location: https://www.familysearch.org/en/wiki/img_auth.php/thumb/a/a0/Ut-weber.png/200px-Ut-weber.png
via: 1.1 472198048b2177f6905d44f001875bcc.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors 'self' https://*.familysearch.org https://*.familysearch.psdops.com https://*.church.brightspot.cloud
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: mJBshy83G0hoR0xxeMaGlqTVDHQe8uFaJBt079CtBybVTfc1VDbuzQ==
set-cookie: visid_incap_2852034=E9fDDc1bTxWHXz4zCyCPgye0wmMAAAAAQUIPAAAAAACoM9Lpa0CbwPk2PMFHv6aM; expires=Sat, 13 Jan 2024 22:32:33 GMT; HttpOnly; path=/; Domain=.familysearch.org
nlbi_2852034=ENONKIvNiWlr0ZtmFzy7qAAAAAA3dp1cS0Wrlseyrb9Oz1G+; path=/; Domain=.familysearch.org
incap_ses_720_2852034=V9wYSy5O9AoUnT+8BfX9CSi0wmMAAAAAQILxfMN1Np7Lnw4a9QrYhw==; path=/; Domain=.familysearch.org
x-cdn: Imperva
x-iinfo: 14-229014194-229014196 NNNN CT(1 4 0) RT(1673704487869 25) q(0 1 1 0) r(2 2) U5
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
57ec4e6fadbb9b0881c32067c086c656
ca04ba71362b10816df256008c924ec5359f2cb1
6b05918938b49c909cf1379e35d9b2de83cfad3b9fa01c5fe36690ed3c57e163

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B05918938B49C909CF1379E35D9B2DE83CFAD3B9FA01C5FE36690ED3C57E163"
Last-Modified: Thu, 12 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5537
Expires: Sat, 14 Jan 2023 15:27:06 GMT
Date: Sat, 14 Jan 2023 13:54:49 GMT
Connection: keep-alive

simplewebanalysis.com/stats

52.28.184.54

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.28.184.54:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
858293a77e28acb972ca2076324fa553
57863e1e1ad87e925b9a875c3c4717c4bc3b427a
e7421396f79c9e735ab1203afd694f4a25ec40ccb2cc0d86b2e7e5eafb569bd0

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jamesashpe.netlify.app
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 13:54:49 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://jamesashpe.netlify.app
access-control-allow-credentials: true
set-cookie: uid_id2=61fc771f-056a-4be9-83ac-def34161a059:1:1; expires=Tue, 11 Jan 2033 13:54:49 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

www.co.weber.ut.us/gis/images/parcel_map_lower_north.jpg

204.152.132.23

404 Not Found

2.2 kB

URL HTTP/1.1
www.co.weber.ut.us/gis/images/parcel_map_lower_north.jpg
IP
204.152.132.23:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
2.2 kB (2174 bytes)
Hash
98d0c68f68b59e84f64f452e28c27fa8
cb179f9826c44b90fadb3ae95e1ddc166e58dfdd
c53771e7911e3673ee58ff07c23afde463c93005b556172183c0bb7185a351a1

HTTP Headers

GET /gis/images/parcel_map_lower_north.jpg HTTP/1.1
Host: www.co.weber.ut.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 404 Not Found
Date: Sat, 14 Jan 2023 13:54:47 GMT
Server: Apache
X-Powered-By: PHP/7.4.16
Content-Length: 2174
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

www.co.weber.ut.us/gis/images/countybasemap.jpg

204.152.132.23

404 Not Found

2.2 kB

URL HTTP/1.1
www.co.weber.ut.us/gis/images/countybasemap.jpg
IP
204.152.132.23:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
2.2 kB (2174 bytes)
Hash
98d0c68f68b59e84f64f452e28c27fa8
cb179f9826c44b90fadb3ae95e1ddc166e58dfdd
c53771e7911e3673ee58ff07c23afde463c93005b556172183c0bb7185a351a1

HTTP Headers

GET /gis/images/countybasemap.jpg HTTP/1.1
Host: www.co.weber.ut.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 404 Not Found
Date: Sat, 14 Jan 2023 13:54:47 GMT
Server: Apache
X-Powered-By: PHP/7.4.16
Content-Length: 2174
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
76237ec279f24af78ed3bdc74ae6b65e
863b83d52ad01b97e03127b8f7303e75d79e2978
0b270314f74ba5dc8288d46482ea4e08b2b701326382ad16e88fbf73762dac3e

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "0B270314F74BA5DC8288D46482EA4E08B2B701326382AD16E88FBF73762DAC3E"
Last-Modified: Fri, 13 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7344
Expires: Sat, 14 Jan 2023 15:57:13 GMT
Date: Sat, 14 Jan 2023 13:54:49 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
d3e544cdaf3a9fa820c5d451b2057ec7
4f213c0524ec7a1d363242e5c38d4e1884ece419
9cd3016f5c919ac9a3f1c3fea68567c0c68752c24e406bc347c908b663c53725

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9CD3016F5C919AC9A3F1C3FEA68567C0C68752C24E406BC347C908B663C53725"
Last-Modified: Fri, 13 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21581
Expires: Sat, 14 Jan 2023 19:54:30 GMT
Date: Sat, 14 Jan 2023 13:54:49 GMT
Connection: keep-alive

toxicrookie.com/pixel/purst?dl=0&th=0&sc=0&rs=1570&rd=1570&fd=939&bv=22.10.v.9&tmpl=70

173.233.137.52

200 OK

0 B

URL HTTP/1.1
toxicrookie.com/pixel/purst?dl=0&th=0&sc=0&rs=1570&rd=1570&fd=939&bv=22.10.v.9&tmpl=70
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1570&rd=1570&fd=939&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: toxicrookie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 13:54:49 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

www.dynamospatial.com/static/images/parcel_coverage/weber-county-ut-parcel-data-coverage-map.png

157.230.203.39

404 Not Found

5.8 kB

URL HTTP/1.1
www.dynamospatial.com/static/images/parcel_coverage/weber-county-ut-parcel-data-coverage-map.png
IP
157.230.203.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
5.8 kB (5752 bytes)
Hash
c17e3bb3138336d5fbd371978082b319
84b1a1d8ed71fe38408fe718d91a9ca19950b586
efb599cb7b69a11837d1c117ed85b0126af29724ee70ab800bac82f0fe40e293

HTTP Headers

GET /static/images/parcel_coverage/weber-county-ut-parcel-data-coverage-map.png HTTP/1.1
Host: www.dynamospatial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
server: meinheld/1.0.2
date: Sat, 14 Jan 2023 13:54:49 GMT
content-type: text/html; charset=utf-8
content-length: 5752

www.webercountyutah.gov/Surveyor/images/interactive.JPG

204.152.132.23

200 OK

87 kB

URL HTTP/1.1
www.webercountyutah.gov/Surveyor/images/interactive.JPG
IP
204.152.132.23:0
ASN
#0

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 519x444, components 3\012- data
Size
87 kB (86637 bytes)
Hash
b72a534bbfd26e6e3c81a6e6d00059d4
5731f3010a2b9ca7e26af96416bbd9b30c0e94d5
b9e27dbd90e425a91bb5402ace7d294d5efba11dcf1fdcabeaef09d0f8416be2

HTTP Headers

GET /Surveyor/images/interactive.JPG HTTP/1.1
Host: www.webercountyutah.gov
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 13:54:47 GMT
Server: Apache
Last-Modified: Wed, 22 Feb 2017 16:18:31 GMT
ETag: "1526d-54920d8f0e3c0"
Accept-Ranges: none
Content-Length: 86637
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

www.familysearch.org/en/wiki/img_auth.php/thumb/a/a0/Ut-weber.png/200px-Ut-weber.png

45.223.164.251

200 OK

28 kB

URL HTTP/2
www.familysearch.org/en/wiki/img_auth.php/thumb/a/a0/Ut-weber.png/200px-Ut-weber.png
IP
45.223.164.251:0
ASN
#19551 INCAPSULA

File type
PNG image data, 200 x 243, 8-bit/color RGBA, non-interlaced\012- data
Size
28 kB (27859 bytes)
Hash
d4dd3ac81a87daa64da3d8ae218929d6
d41eb7f67e9e1965ca13ae9c159f82e895c25f61
5df040c456f0547df6c670c08f02b90a49b15c7d6b276759bb6ae51cabfe8ccb

HTTP Headers

GET /en/wiki/img_auth.php/thumb/a/a0/Ut-weber.png/200px-Ut-weber.png HTTP/1.1
Host: www.familysearch.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jamesashpe.netlify.app/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 27859
date: Sat, 14 Jan 2023 13:54:49 GMT
server: nginx/1.14.2
x-content-type-options: nosniff
last-modified: Fri, 08 Jul 2016 16:46:04 GMT
x-request-id: 29f29356895dd155cff4cc70
via: 1.1 1fb0b89a5ccfb45255b8e8539e256ee2.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors 'self' https://*.familysearch.org https://*.familysearch.psdops.com https://*.church.brightspot.cloud
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: NfDZLd1oMJNoVlJ-3uzHcxDby-HkdWACmYO2sPgtWdcRHMJkl10-6g==
set-cookie: visid_incap_2852034=E9fDDc1bTxWHXz4zCyCPgye0wmMAAAAAQUIPAAAAAACoM9Lpa0CbwPk2PMFHv6aM; expires=Sat, 13 Jan 2024 22:32:33 GMT; HttpOnly; path=/; Domain=.familysearch.org
nlbi_2852034=3ku3NqooaXwy0A+fFzy7qAAAAAAojrNf1lWAWixyXnEGWGvq; path=/; Domain=.familysearch.org
incap_ses_720_2852034=Y6FjBuR7/DYUnT+8BfX9CSi0wmMAAAAABXKwV3dlhQInClnTEUGDWw==; path=/; Domain=.familysearch.org
x-cdn: Imperva
x-iinfo: 14-229014194-229014206 NNNN CT(1 4 0) RT(1673704487869 244) q(0 0 0 0) r(4 4) U5
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4305ae4d0325234c6dd2cee15d317700
8f1441996550d5e9ef29b66e1d51c9dd9c7bd4e0
dd49cee1886f90d142b40c71c193b0ddc38ea800a61cef7538779413a0570e6f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD49CEE1886F90D142B40C71C193B0DDC38EA800A61CEF7538779413A0570E6F"
Last-Modified: Thu, 12 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17542
Expires: Sat, 14 Jan 2023 18:47:11 GMT
Date: Sat, 14 Jan 2023 13:54:49 GMT
Connection: keep-alive

www.webercountyutah.gov/GIS/images/gis_map.PNG

204.152.132.23

200 OK

538 kB

URL HTTP/1.1
www.webercountyutah.gov/GIS/images/gis_map.PNG
IP
204.152.132.23:0
ASN
#0

File type
PNG image data, 499 x 194, 8-bit/color RGBA, non-interlaced\012- data
Size
538 kB (538206 bytes)
Hash
bbb21edd8ec8e9d06c8e3bbe9b09baff
e7c2644f7fc5f6b1f3c3c8333ecf5113a07f923e
71e5aee930927d84a518a79366fbbc0cc975cf4cc510fcb461b44afdbe325b06

HTTP Headers

GET /GIS/images/gis_map.PNG HTTP/1.1
Host: www.webercountyutah.gov
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 13:54:47 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2016 12:38:02 GMT
ETag: "8365e-53d03d0de9e80"
Accept-Ranges: none
Content-Length: 538206
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/png

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19811
Expires: Sat, 14 Jan 2023 19:25:00 GMT
Date: Sat, 14 Jan 2023 13:54:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19811
Expires: Sat, 14 Jan 2023 19:25:00 GMT
Date: Sat, 14 Jan 2023 13:54:49 GMT
Connection: keep-alive

planesknob.com/sbar.json?key=a981cc90b26126cbeaa22d88f6178a02&uuid=579d0324-e18b-49d3-a831-fc9251e581f0%3A3%3A1

173.233.137.60

200 OK

4.3 kB

URL HTTP/1.1
planesknob.com/sbar.json?key=a981cc90b26126cbeaa22d88f6178a02&uuid=579d0324-e18b-49d3-a831-fc9251e581f0%3A3%3A1
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type
JSON data\012- , ASCII text, with very long lines (6027), with no line terminators
Size
4.3 kB (4292 bytes)
Hash
d750666da03a6fe9b3ae157aeb549b87
8ab2074c933b8ae8883717771d2a10e9fb8487ef
bbe71bf61e5d86eb42e4ca853be013a2c00841d5b4717b5d5ad399607f069deb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sbar.json?key=a981cc90b26126cbeaa22d88f6178a02&uuid=579d0324-e18b-49d3-a831-fc9251e581f0%3A3%3A1 HTTP/1.1
Host: planesknob.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jamesashpe.netlify.app
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 13:54:49 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://jamesashpe.netlify.app
Access-Control-Allow-Origin: https://jamesashpe.netlify.app
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15537021; expires=Sun, 15 Jan 2023 13:54:49 GMT; secure; SameSite=None
uid_id2=579d0324-e18b-49d3-a831-fc9251e581f0:3:1; expires=Sat, 21 Jan 2023 13:54:49 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 15 Jan 2023 13:54:49 GMT; secure; SameSite=None
uncs=1; expires=Sun, 15 Jan 2023 13:54:49 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 15 Jan 2023 13:54:49 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 15 Jan 2023 13:54:49 GMT; secure; SameSite=None
sleca981cc90b26126cbeaa22d88f6178a02=[3078189]; expires=Sat, 14 Jan 2023 13:54:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a892c121e59e05a61d69ae3ba940fc87
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19811
Expires: Sat, 14 Jan 2023 19:25:00 GMT
Date: Sat, 14 Jan 2023 13:54:49 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8181 bytes)
Hash
d24ea1f095f492934a1f1c63f5d8590c
dade37148c9b9a941f93a8535d8ddc5de3952623
2d8e3f90eb347eb3479a6c5d20a1c2ca6a0560f335a6c6800948db2640e4c878

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8181
x-amzn-requestid: 7ada8fbd-58e6-4433-a532-b4a4ef93ac9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: es0paH-OIAMFg5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ce3c-582529522dbb67ee728484f8;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 21:33:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AHjOmYxva5avyA3gt9DvYLas_B2ACimer5QRQOi919HDtSjnKq22lw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 21:36:45 GMT
age: 58684
etag: "dade37148c9b9a941f93a8535d8ddc5de3952623"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13626 bytes)
Hash
afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 4769eaeb-0c78-4054-ad47-eefdd6ab2d03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWHMZErbIAMF6sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8b8b5-4c7bacfe060899044e361f70;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 00:11:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JRzc2Mcl4EasyH6_1kFh7sr-57f1HNDu-YN8YptDe_kcTET9x8P9LA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 14:03:21 GMT
age: 85888
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b0d4bc-9eea-491e-9fed-be68e71088e5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9135 bytes)
Hash
64ba27a2f0a3bc61bd325f1fb317b755
c65c58476b66cbb6269ba1d8412d270a0a003ae3
5f7f03752f8a7c8c08d92512ae93b193ea37f59354503c3129d33fd2910f87e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b0d4bc-9eea-491e-9fed-be68e71088e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9135
x-amzn-requestid: 2c5e9de0-9244-43ac-b7c4-712cbcf7038c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enAnoG6roAMFzgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf7afd-7fb640b30bab63bc1979a173;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 03:14:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RnAGo4OuBl5UjyOlUOJqu2nlFLHTOe0ETxokWtbI4frbpkNVnIBSew==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 01:41:40 GMT
age: 43989
etag: "c65c58476b66cbb6269ba1d8412d270a0a003ae3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b55aad-884c-40db-a779-021d0c2305b4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9154 bytes)
Hash
b1378f107c1996ade14a8fe7fd728072
f52d98d9a0d1d343a539689ea14acf99e148cf8c
4be994757ec7ec42929590169de199e927889261334e258903a0929a1055047d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b55aad-884c-40db-a779-021d0c2305b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9154
x-amzn-requestid: fbb1140d-7ec2-4f86-8761-5d04601af70e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enAkCEN2IAMFuMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf7ae6-4baebf1104f9cf2a0ee8a538;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 03:13:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jlRcVyQppaQaPPMKaqadtaEHfdOYXXXbnfrr44l_2E2qaOoh_O0Mog==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 04:21:52 GMT
age: 34377
etag: "f52d98d9a0d1d343a539689ea14acf99e148cf8c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0a5cc8b-8d62-447a-a39c-733e1afdd415.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7447 bytes)
Hash
2363dbe7bb6a459853d8d19cab50e70b
ded76de1dd453e40dbf6eaa8607cf19fac7f71a4
f96da6354cec52143768014c36ba2b298224a58b0bf38bd2aa5f3bfce69d8670

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0a5cc8b-8d62-447a-a39c-733e1afdd415.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7447
x-amzn-requestid: dd3543b7-4e6b-4605-acea-a21d39af02ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: es0qSFjAIAMF7HQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ce41-56e2ccc63669032d70cba0ba;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 21:33:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AYaeawnEmwHkyx3h-yliVx-ARcRB3W5kbtFH5tARnL3YMD6e4WYAQw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 21:49:01 GMT
age: 57948
etag: "ded76de1dd453e40dbf6eaa8607cf19fac7f71a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

friendshipmale.com/sfp.js

172.64.166.29

200 OK

33 kB

URL HTTP/2
friendshipmale.com/sfp.js
IP
172.64.166.29:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
33 kB (32962 bytes)
Hash
daff0af6a7c44c59f559e7d4f6afc642
8f2195a820eaae5a7c056917a1d4a96c7ac8f0af
f0f4c65dcaccac9fbb0049b5db8efe899f3a64172059082e4f66e70aebb88492

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 13:54:49 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 353541a1a30d9edef1a653002795bf49
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 14 Jan 2023 13:54:48 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SRSYaKBO%2F5%2B8tqajSDyiMzsDyZm2fTJYb3kinkTnZja9dYU2cHeb87ac7zcUdHH2tbApMIGsLJ4jiW8qhy0c6rxD90qNNjrOf1yog1HByzEs9FC6ANXWNhvvgqqrF1aDTJg99AE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7896dd9fcea57332-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8592f0941d780eadabee41338044f144
4e1adaa9f4a75071682e5d7e22dd7c5a00123f53
5d1e0d699dfa4830462757cd2df0d0b28a512604dd30a77bd8d3d4db1ca578db

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D1E0D699DFA4830462757CD2DF0D0B28A512604DD30A77BD8D3D4DB1CA578DB"
Last-Modified: Thu, 12 Jan 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4942
Expires: Sat, 14 Jan 2023 15:17:11 GMT
Date: Sat, 14 Jan 2023 13:54:49 GMT
Connection: keep-alive

www.webercountyutah.gov/Surveyor/images/maps-min.jpeg

204.152.132.23

200 OK

1.2 MB

URL HTTP/1.1
www.webercountyutah.gov/Surveyor/images/maps-min.jpeg
IP
204.152.132.23:0
ASN
#0

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 5472x3648, components 3\012- data
Size
1.2 MB (1219819 bytes)
Hash
0e24fb6105679a1cfeb88798da73647d
db2df2d72f275122d96d8b706a31d83c8c8c8ea3
5850f165f551f14095ac851523e9d04596d760f4fae4efe8bb8a7a904789ba7f

HTTP Headers

GET /Surveyor/images/maps-min.jpeg HTTP/1.1
Host: www.webercountyutah.gov
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 13:54:47 GMT
Server: Apache
Last-Modified: Tue, 21 Feb 2017 22:31:32 GMT
ETag: "129ceb-54911f11c7900"
Accept-Ranges: none
Content-Length: 1219819
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

planesknob.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRSuTiIehIAaEAVhDh4MuJPqnpmdaXMQ17iyGDdLEtlzdVX1bLk1XU1V9fTsQmAxIPE2HgSPvd%2FsZlGDGBBvosx6CXvKeJA9uP9AEETxKDM7MvgO%2Fd73vi743vfeJ%2FvFGaEo2OnGB2ZXac2uteq09vqmyoQpXW39bi2kdXq9tqmy5eb12mD6sf03Q9qq06u19yTfNtciGlIa0rC2qqxMzeDajIXKH8VhPab1ZlQPW00M7P%2BxKwI4FkD0z8gLUGLyzNaTx1B8jKz37Q3ptr3J33i3V2jmjUVfHH2YbWemzNBblKkNkGZH879h3ISQLy7AZEfzCWD6B9MJkKgJCX4NkWRHc5lI%2BofnShMNmSERz6HsjyH1GIqNwc19KPGUAFxg%2FRay3sN1Y0u2c86yKTshl%2F7%2BE6qckEu%2FXUHW%2B2ZFq0HtjtGFVyZzGKQV1GAM1R0jL47hdwOo8hjcfwwlCLJeBSVOX2u1Y0EbUXNJhp1kqRmLxhLrNMKllMdRK5StTpjSmTVKjaHSMbQcgrmLKFyAQgUo0gBFHqAnTmusFaeUttMkbTQ6Tc55o8F5q7MsWqLR7KQUBZ9qH8LnQ3A9BLd7yO0ettUQtvgJbquCEwGcJ%2BiLCqUkKB1ByQhKRVB6grJfHQrtIlc9FNoVSTjP0Tw3qpHx3X12aHxXZmQ%2FPyPPzwz7%2FcV72JanNRZ3Qs5jmkTLYbTME8lYFIlOJ10O2x1GIzhVQbkLYC7ArpqQK%2Fc%2BRT7dYv9zJOwYTh%2BDq4tgxatg5agdUbCtUbNDsZt97y3jXgqvWD2TXqt0p87yHMJUyP0l%2BJ1gX5%2BRl2eK6v8sQfITMg9wWyG3FT5SPxN09YPRbVOSg9umdOTxrdyrntpl0%2FXe8czL4Kv35U5prFi74YZfvs2nxLR8dFc6f5NlQmVdR75eUUJIu2osl%2BSHNbcpk43Cba0UNivymxvvrK71ciudUyYbg6mnly%2BDqwl59slfs8N96ewVKDuGLSr0ioVSZY7B8z24fNFzhsDqBU7yAGVRjWyULJpaEWi5wCyp4OTJj3%2F892hR77sH6NoAzN%2BfnWvfVujrCkwP4YqLI5%2Fbk7d%2BacwCiQ5GibbBQaKt%2FuzcWqdOa7KV0lTSSCZpnKRtRkWcNuOExaFsJy0WwrsJH3939V8AAAD%2F%2FwEAAP%2F%2Fh9C8yZAEAAA%3D

173.233.137.60

200 OK

7 B

URL HTTP/1.1
planesknob.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRSuTiIehIAaEAVhDh4MuJPqnpmdaXMQ17iyGDdLEtlzdVX1bLk1XU1V9fTsQmAxIPE2HgSPvd%2FsZlGDGBBvosx6CXvKeJA9uP9AEETxKDM7MvgO%2Fd73vi743vfeJ%2FvFGaEo2OnGB2ZXac2uteq09vqmyoQpXW39bi2kdXq9tqmy5eb12mD6sf03Q9qq06u19yTfNtciGlIa0rC2qqxMzeDajIXKH8VhPab1ZlQPW00M7P%2BxKwI4FkD0z8gLUGLyzNaTx1B8jKz37Q3ptr3J33i3V2jmjUVfHH2YbWemzNBblKkNkGZH879h3ISQLy7AZEfzCWD6B9MJkKgJCX4NkWRHc5lI%2BofnShMNmSERz6HsjyH1GIqNwc19KPGUAFxg%2FRay3sN1Y0u2c86yKTshl%2F7%2BE6qckEu%2FXUHW%2B2ZFq0HtjtGFVyZzGKQV1GAM1R0jL47hdwOo8hjcfwwlCLJeBSVOX2u1Y0EbUXNJhp1kqRmLxhLrNMKllMdRK5StTpjSmTVKjaHSMbQcgrmLKFyAQgUo0gBFHqAnTmusFaeUttMkbTQ6Tc55o8F5q7MsWqLR7KQUBZ9qH8LnQ3A9BLd7yO0ettUQtvgJbquCEwGcJ%2BiLCqUkKB1ByQhKRVB6grJfHQrtIlc9FNoVSTjP0Tw3qpHx3X12aHxXZmQ%2FPyPPzwz7%2FcV72JanNRZ3Qs5jmkTLYbTME8lYFIlOJ10O2x1GIzhVQbkLYC7ArpqQK%2Fc%2BRT7dYv9zJOwYTh%2BDq4tgxatg5agdUbCtUbNDsZt97y3jXgqvWD2TXqt0p87yHMJUyP0l%2BJ1gX5%2BRl2eK6v8sQfITMg9wWyG3FT5SPxN09YPRbVOSg9umdOTxrdyrntpl0%2FXe8czL4Kv35U5prFi74YZfvs2nxLR8dFc6f5NlQmVdR75eUUJIu2osl%2BSHNbcpk43Cba0UNivymxvvrK71ciudUyYbg6mnly%2BDqwl59slfs8N96ewVKDuGLSr0ioVSZY7B8z24fNFzhsDqBU7yAGVRjWyULJpaEWi5wCyp4OTJj3%2F892hR77sH6NoAzN%2BfnWvfVujrCkwP4YqLI5%2Fbk7d%2BacwCiQ5GibbBQaKt%2FuzcWqdOa7KV0lTSSCZpnKRtRkWcNuOExaFsJy0WwrsJH3939V8AAAD%2F%2FwEAAP%2F%2Fh9C8yZAEAAA%3D
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRSuTiIehIAaEAVhDh4MuJPqnpmdaXMQ17iyGDdLEtlzdVX1bLk1XU1V9fTsQmAxIPE2HgSPvd%2FsZlGDGBBvosx6CXvKeJA9uP9AEETxKDM7MvgO%2Fd73vi743vfeJ%2FvFGaEo2OnGB2ZXac2uteq09vqmyoQpXW39bi2kdXq9tqmy5eb12mD6sf03Q9qq06u19yTfNtciGlIa0rC2qqxMzeDajIXKH8VhPab1ZlQPW00M7P%2BxKwI4FkD0z8gLUGLyzNaTx1B8jKz37Q3ptr3J33i3V2jmjUVfHH2YbWemzNBblKkNkGZH879h3ISQLy7AZEfzCWD6B9MJkKgJCX4NkWRHc5lI%2BofnShMNmSERz6HsjyH1GIqNwc19KPGUAFxg%2FRay3sN1Y0u2c86yKTshl%2F7%2BE6qckEu%2FXUHW%2B2ZFq0HtjtGFVyZzGKQV1GAM1R0jL47hdwOo8hjcfwwlCLJeBSVOX2u1Y0EbUXNJhp1kqRmLxhLrNMKllMdRK5StTpjSmTVKjaHSMbQcgrmLKFyAQgUo0gBFHqAnTmusFaeUttMkbTQ6Tc55o8F5q7MsWqLR7KQUBZ9qH8LnQ3A9BLd7yO0ettUQtvgJbquCEwGcJ%2BiLCqUkKB1ByQhKRVB6grJfHQrtIlc9FNoVSTjP0Tw3qpHx3X12aHxXZmQ%2FPyPPzwz7%2FcV72JanNRZ3Qs5jmkTLYbTME8lYFIlOJ10O2x1GIzhVQbkLYC7ArpqQK%2Fc%2BRT7dYv9zJOwYTh%2BDq4tgxatg5agdUbCtUbNDsZt97y3jXgqvWD2TXqt0p87yHMJUyP0l%2BJ1gX5%2BRl2eK6v8sQfITMg9wWyG3FT5SPxN09YPRbVOSg9umdOTxrdyrntpl0%2FXe8czL4Kv35U5prFi74YZfvs2nxLR8dFc6f5NlQmVdR75eUUJIu2osl%2BSHNbcpk43Cba0UNivymxvvrK71ciudUyYbg6mnly%2BDqwl59slfs8N96ewVKDuGLSr0ioVSZY7B8z24fNFzhsDqBU7yAGVRjWyULJpaEWi5wCyp4OTJj3%2F892hR77sH6NoAzN%2BfnWvfVujrCkwP4YqLI5%2Fbk7d%2BacwCiQ5GibbBQaKt%2FuzcWqdOa7KV0lTSSCZpnKRtRkWcNuOExaFsJy0WwrsJH3939V8AAAD%2F%2FwEAAP%2F%2Fh9C8yZAEAAA%3D HTTP/1.1
Host: planesknob.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Cookie: u_pl=15537021; uid_id2=579d0324-e18b-49d3-a831-fc9251e581f0:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca981cc90b26126cbeaa22d88f6178a02=[3078189]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 13:54:49 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dddf9c28cd6fdc5ecef925a4c43d8062
Strict-Transport-Security: max-age=0; includeSubdomains

jamesashpe.netlify.app/wp-includes/css/dist/block-library/style.min.css

34.141.11.154

200 OK

7.5 kB

URL HTTP/2
jamesashpe.netlify.app/wp-includes/css/dist/block-library/style.min.css
IP
34.141.11.154:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
Unicode text, UTF-8 text, with very long lines (748)
Size
7.5 kB (7534 bytes)
Hash
4b2744199f91b37c935a21577673b6f4
852f4f09059ff15dab69d8a2212ffd1e57bf279a
f190c9a4678c7ef09658f70b03705a8949e3f3032769b611e54e15add142852e

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: jamesashpe.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/weber-county-plat-maps/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/css; charset=UTF-8
date: Sat, 14 Jan 2023 13:54:48 GMT
etag: "4f2b9fa5c9451923cc00cb8a3bbea70e-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GPR8ZF0YHV5HEVKQ22ZT3X2Q
X-Firefox-Spdy: h2

cdn.barscreative1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html

45.133.44.3

200 OK

2.1 kB

URL HTTP/2
cdn.barscreative1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html
IP
45.133.44.3:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
2.1 kB (2062 bytes)
Hash
0f003c000b241b4d623b41bca9266f9d
c84ae52bfa329a0f29c2ec90927e103894d5186a
2faf51b5585b6631dedef89897fe29bd5e5d33c72f9792e5a0a73efab83cacb2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jamesashpe.netlify.app
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 13:54:50 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Thu, 12 Aug 2021 09:54:31 GMT
etag: W/"6114efd7-609"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 14 Jan 2023 14:54:50 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
71dc75959e5d27c471828d47c5ca1fa6
98f8d62776c7d9238dde522cc43ae93378fc5ad8
a8974a4692e39485433c04e08694d4b415d61bd7dccf04ec5ae1a4c2bde68906

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A8974A4692E39485433C04E08694D4B415D61BD7DCCF04EC5AE1A4C2BDE68906"
Last-Modified: Thu, 12 Jan 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15879
Expires: Sat, 14 Jan 2023 18:19:29 GMT
Date: Sat, 14 Jan 2023 13:54:50 GMT
Connection: keep-alive

planesknob.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=159

173.233.137.60

200 OK

0 B

URL HTTP/1.1
planesknob.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=159
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=159 HTTP/1.1
Host: planesknob.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Cookie: u_pl=15537021; uid_id2=579d0324-e18b-49d3-a831-fc9251e581f0:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca981cc90b26126cbeaa22d88f6178a02=[3078189]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 13:54:50 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
ee91bceff4762f05347e6f877f4c022d
2edfb34c52e733032730b7ba650ddaef37132981
f8c5ae8865299b88431ced85bffd678fc5e9d46966a505f08e4a0d37f02768ad

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 13:54:50 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 13 Jan 2023 18:34:09 GMT
Expires: Fri, 20 Jan 2023 18:34:08 GMT
Etag: "2edfb34c52e733032730b7ba650ddaef37132981"
Cache-Control: max-age=534557,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7896dda6fe80b4ff-OSL

cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg

172.64.167.9

200 OK

65 kB

URL HTTP/2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg
IP
172.64.167.9:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=242, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=364], progressive, precision 8, 364x242, components 3\012- data
Size
65 kB (64642 bytes)
Hash
61f7b1fa1698507638df7882e2bdfcaf
89134af9a734f4c30d0db01ea36c86895e46b7e3
bc0a583f7e3c834e53d5263ecc90d279b27460ea2e9bce56b7ac6b129eb5849c

HTTP Headers

GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 14 Jan 2023 13:54:50 GMT
content-type: image/jpeg
content-length: 64642
last-modified: Thu, 12 Aug 2021 09:52:54 GMT
etag: "6114ef76-fc82"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5184169
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jF%2BBucwKqbZOxJbuHAWxmkrrZxeFl%2FIKumP%2BcmTvUUovHaUj2Dvp%2F4rdYL5sjLxVu0MX2D9J4sYCQ8L2%2BiHAZ2HrDrMY0ChFpCWZkeE6mVtC03%2Fl%2FuRZhCBQ3wlpyv8WghGakXpYMdvp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7896dda83d390682-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

1.0 kB

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
gzip compressed data, max compression\012- data
Size
1.0 kB (1005 bytes)
Hash
51d54570520fe2450e5ad19a5206a62b
41222ebfefcbafb88608bcd5691c2a7c32548a27
c6743ad456a599b8109ce4c0ac38c947d34eafc6d1e4b693550abdb243d71ec2

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A8974A4692E39485433C04E08694D4B415D61BD7DCCF04EC5AE1A4C2BDE68906"
Last-Modified: Thu, 12 Jan 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15879
Expires: Sat, 14 Jan 2023 18:19:29 GMT
Date: Sat, 14 Jan 2023 13:54:50 GMT
Connection: keep-alive

cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css

172.64.167.9

200 OK

4.8 kB

URL HTTP/2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css
IP
172.64.167.9:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
4.8 kB (4815 bytes)
Hash
21eb7a65c17a2c22ba104a7ecbf1dc0f
ea8c53be54889c7489aed04e30e3eb83af64dec9
090bd9ceb9a58da038e5ed4a39dfbb63ece49ed4f4f0656ce35f7faa41a3b237

HTTP Headers

GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jamesashpe.netlify.app
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 13:54:50 GMT
content-type: text/css
last-modified: Thu, 12 Aug 2021 09:52:53 GMT
etag: W/"6114ef75-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFFhb0G34zI6SGyvjNk4JaJhM7Lu8AgfzsM0z2wev%2BIFV4Y9QWUW6t5SlbHX75ChbxTBYXBNrl5f9eHQDqSxU5hUc%2Fz6G8bpFZlMWD26KOsiummRMV%2BiZixr%2FdXV6o11oGQNGOuRdn8k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7896dda80d0f0682-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css

172.64.167.9

200 OK

1.0 kB

URL HTTP/2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css
IP
172.64.167.9:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.0 kB (1024 bytes)
Hash
470cbc16b710d872c9cba23c0fd5a3dc
811d6187a4bd3df90912046304966a31af960f99
323c79ec80ce3e58e119b41d15b298651dcd303ae92f8c195c8c8d4766e97a7b

HTTP Headers

GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jamesashpe.netlify.app
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 13:54:50 GMT
content-type: text/css
last-modified: Thu, 12 Aug 2021 09:52:52 GMT
etag: W/"6114ef74-e68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAGcruCuRidUFRofaPp0%2B%2Bb3%2B9HeQIjaWMnZyFxKlLcxPt7tB%2FNkM2rw7vxdGB7R3UpiLxAaCOm4y0Mr5vRqcncO0UhYms2%2FQZoFuTzD0J2ZYL3VNc9PoBMtBvG6nCPLP7D6XX1ZwIba"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7896dda80d150682-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jamesashpe.netlify.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 19:33:54 GMT
expires: Thu, 11 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 238856
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jamesashpe.netlify.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 13:33:13 GMT
expires: Sat, 13 Jan 2024 13:33:13 GMT
cache-control: public, max-age=31536000
age: 87697
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5af6ce798e809281853e1ff953524bc2
e294a7ea02967fc2486d8f028479bc0ec8dcc3b0
ad9749ffa451026d871118eaeb937a0a79b866551510fa0bd0635b683e57146b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD9749FFA451026D871118EAEB937A0A79B866551510FA0BD0635B683E57146B"
Last-Modified: Sat, 14 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4598
Expires: Sat, 14 Jan 2023 15:11:28 GMT
Date: Sat, 14 Jan 2023 13:54:50 GMT
Connection: keep-alive

planesknob.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTiIehIAaEAVhDh4MuJP%2BMbPTYw7iGlcW42ZJInuurqqeLbemq6mqnp5dCCwGJN7Gg%2BCx95vdLGoQA%2BJNlF4vYU8ZD7IH9z8QBFE8ysyODL5Dv%2Fe9rwu%2B9733yX5xRnwU9HTjA70rlaLX2k2%2F8fqmzLgubWP9biPwm%2F71xqbMllvXG8PpxwzeDPx207%2FaeE%2BwbX0t9APfD%2FygsSqNSPXw2oyFzB91g2bXb7bCZtBuYWj%2Bj23hwVIPfHBGXoDkk2e2njyGZDWy%2Frc3hN12On%2Fj3X6hqNMGA370Ybad6TJDf1GmxkOaHc3%2FhrYTQr64AJ0dzSeAHhxMJ0AiJ8T7NUCSHc1lIhkcnitNFESGhD%2BHclBDqBqS1mD6PiR%2FSgDGsX4LWf%2FhujYl3Tln6ZSdkEt%2F%2FwlZTsil364g63%2BzouSwcUerwkmdWQzTCnJYQ%2FZq5MUx3K4HWR6DuY8hOUHWryD56WvtTpf7UdhaEkGcLLW6PFqicRQspawbtgPRjoPUn1kjZQ2Z1lBiBGovorAeCumhSD0UuYc%2BP23Qdjf1%2FU6apFEUtxhjUcRYO17mbR614tRHwabaR3D5CEyNwMwecrOHbTmCKX6C3apguQfrCAa8QikISktQUoJSEpSOoBxUh1zZ0FYPubJFEsxzOM9RNdaut08PteuJjOznZ%2BT5mWG%2Fv3gP2%2BK0QbtxwFjXT8LlIFxmiaA0DHkcp8tBJ6Z%2BCCsrSHsB1HrYlRNy5d6nyKdbHHyOhB7DqmMweRG0eBW0HHdCH3Rr3Ip97GbfO0OZE9xJ2syEUzLdadI8B9cVcncJbsfbV2fk5Zmi5j9LEOyEzAPMVMhNhY%2FkzwQ99WB8W5fk4LYuLXl8K3eyL3fpdL13HHXC%2B%2Bp9sVNqw9du2NGXb7MpMS0f3RXW3aQZl1nPkq9XJOfCrGrDBPlhzW6KZKOwWyuFyYr85sY7q2v93Ahrpc5qUPn08mUwOSHPPvlrdrgvnb0CaWqYokK%2FWCiV%2Bhgs34PNFz2rCYxa4CT3UBbV2ITJoqkkgRILTJMKVpz8%2BMd%2Fjxb1vn2AnvFA3f3ZuQ5MhYGqQNUItrg4drk5eeuXaBZIlDdOlPEOEmXUZ%2BfWWnnaaActESdxh3GeCMaDThjFke%2BHnLc6XRF04eyE1d9d%2FRcAAP%2F%2FAQAA%2F%2F%2BT2DIvkAQAAA%3D%3D

173.233.137.60

200 OK

7 B

URL HTTP/1.1
planesknob.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTiIehIAaEAVhDh4MuJP%2BMbPTYw7iGlcW42ZJInuurqqeLbemq6mqnp5dCCwGJN7Gg%2BCx95vdLGoQA%2BJNlF4vYU8ZD7IH9z8QBFE8ysyODL5Dv%2Fe9rwu%2B9733yX5xRnwU9HTjA70rlaLX2k2%2F8fqmzLgubWP9biPwm%2F71xqbMllvXG8PpxwzeDPx207%2FaeE%2BwbX0t9APfD%2FygsSqNSPXw2oyFzB91g2bXb7bCZtBuYWj%2Bj23hwVIPfHBGXoDkk2e2njyGZDWy%2Frc3hN12On%2Fj3X6hqNMGA370Ybad6TJDf1GmxkOaHc3%2FhrYTQr64AJ0dzSeAHhxMJ0AiJ8T7NUCSHc1lIhkcnitNFESGhD%2BHclBDqBqS1mD6PiR%2FSgDGsX4LWf%2FhujYl3Tln6ZSdkEt%2F%2FwlZTsil364g63%2BzouSwcUerwkmdWQzTCnJYQ%2FZq5MUx3K4HWR6DuY8hOUHWryD56WvtTpf7UdhaEkGcLLW6PFqicRQspawbtgPRjoPUn1kjZQ2Z1lBiBGovorAeCumhSD0UuYc%2BP23Qdjf1%2FU6apFEUtxhjUcRYO17mbR614tRHwabaR3D5CEyNwMwecrOHbTmCKX6C3apguQfrCAa8QikISktQUoJSEpSOoBxUh1zZ0FYPubJFEsxzOM9RNdaut08PteuJjOznZ%2BT5mWG%2Fv3gP2%2BK0QbtxwFjXT8LlIFxmiaA0DHkcp8tBJ6Z%2BCCsrSHsB1HrYlRNy5d6nyKdbHHyOhB7DqmMweRG0eBW0HHdCH3Rr3Ip97GbfO0OZE9xJ2syEUzLdadI8B9cVcncJbsfbV2fk5Zmi5j9LEOyEzAPMVMhNhY%2FkzwQ99WB8W5fk4LYuLXl8K3eyL3fpdL13HHXC%2B%2Bp9sVNqw9du2NGXb7MpMS0f3RXW3aQZl1nPkq9XJOfCrGrDBPlhzW6KZKOwWyuFyYr85sY7q2v93Ahrpc5qUPn08mUwOSHPPvlrdrgvnb0CaWqYokK%2FWCiV%2Bhgs34PNFz2rCYxa4CT3UBbV2ITJoqkkgRILTJMKVpz8%2BMd%2Fjxb1vn2AnvFA3f3ZuQ5MhYGqQNUItrg4drk5eeuXaBZIlDdOlPEOEmXUZ%2BfWWnnaaActESdxh3GeCMaDThjFke%2BHnLc6XRF04eyE1d9d%2FRcAAP%2F%2FAQAA%2F%2F%2BT2DIvkAQAAA%3D%3D
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTiIehIAaEAVhDh4MuJP%2BMbPTYw7iGlcW42ZJInuurqqeLbemq6mqnp5dCCwGJN7Gg%2BCx95vdLGoQA%2BJNlF4vYU8ZD7IH9z8QBFE8ysyODL5Dv%2Fe9rwu%2B9733yX5xRnwU9HTjA70rlaLX2k2%2F8fqmzLgubWP9biPwm%2F71xqbMllvXG8PpxwzeDPx207%2FaeE%2BwbX0t9APfD%2FygsSqNSPXw2oyFzB91g2bXb7bCZtBuYWj%2Bj23hwVIPfHBGXoDkk2e2njyGZDWy%2Frc3hN12On%2Fj3X6hqNMGA370Ybad6TJDf1GmxkOaHc3%2FhrYTQr64AJ0dzSeAHhxMJ0AiJ8T7NUCSHc1lIhkcnitNFESGhD%2BHclBDqBqS1mD6PiR%2FSgDGsX4LWf%2FhujYl3Tln6ZSdkEt%2F%2FwlZTsil364g63%2BzouSwcUerwkmdWQzTCnJYQ%2FZq5MUx3K4HWR6DuY8hOUHWryD56WvtTpf7UdhaEkGcLLW6PFqicRQspawbtgPRjoPUn1kjZQ2Z1lBiBGovorAeCumhSD0UuYc%2BP23Qdjf1%2FU6apFEUtxhjUcRYO17mbR614tRHwabaR3D5CEyNwMwecrOHbTmCKX6C3apguQfrCAa8QikISktQUoJSEpSOoBxUh1zZ0FYPubJFEsxzOM9RNdaut08PteuJjOznZ%2BT5mWG%2Fv3gP2%2BK0QbtxwFjXT8LlIFxmiaA0DHkcp8tBJ6Z%2BCCsrSHsB1HrYlRNy5d6nyKdbHHyOhB7DqmMweRG0eBW0HHdCH3Rr3Ip97GbfO0OZE9xJ2syEUzLdadI8B9cVcncJbsfbV2fk5Zmi5j9LEOyEzAPMVMhNhY%2FkzwQ99WB8W5fk4LYuLXl8K3eyL3fpdL13HHXC%2B%2Bp9sVNqw9du2NGXb7MpMS0f3RXW3aQZl1nPkq9XJOfCrGrDBPlhzW6KZKOwWyuFyYr85sY7q2v93Ahrpc5qUPn08mUwOSHPPvlrdrgvnb0CaWqYokK%2FWCiV%2Bhgs34PNFz2rCYxa4CT3UBbV2ITJoqkkgRILTJMKVpz8%2BMd%2Fjxb1vn2AnvFA3f3ZuQ5MhYGqQNUItrg4drk5eeuXaBZIlDdOlPEOEmXUZ%2BfWWnnaaActESdxh3GeCMaDThjFke%2BHnLc6XRF04eyE1d9d%2FRcAAP%2F%2FAQAA%2F%2F%2BT2DIvkAQAAA%3D%3D HTTP/1.1
Host: planesknob.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Cookie: u_pl=15537021; uid_id2=579d0324-e18b-49d3-a831-fc9251e581f0:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca981cc90b26126cbeaa22d88f6178a02=[3078189]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 13:54:50 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f63933e4752b69514cc6397b83b14027
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js

172.64.167.9

200 OK

189 B

URL HTTP/2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js
IP
172.64.167.9:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
189 B (189 bytes)
Hash
e92fccb89580145c885f0359badbd628
bed02f01f78b1f585462796e01527a268ac7f24c
f9fdf22943d31068189a6e1329d6bc9bf9ebc39b5ce4ccbd1d3a2f99f82a0597

HTTP Headers

GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jamesashpe.netlify.app
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 13:54:50 GMT
content-type: application/javascript
last-modified: Thu, 12 Aug 2021 09:52:54 GMT
etag: W/"6114ef76-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=503hsWqLtoT%2FEd%2B3948a0Oo%2F62DU9wpVr4h91hqOm%2B2Q1WJIV40ASX1DjUFApqVoVxhAv6Ac0%2BLuymPxTT1vAoATMqWz3DpJKLRFwgiExooztpePkqfddmy6eTyxwEIij6kxSy7YeUCB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7896dda80d140682-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

planesknob.com/pixel/sbs?c=1

173.233.137.60

200 OK

0 B

URL HTTP/1.1
planesknob.com/pixel/sbs?c=1
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: planesknob.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Cookie: u_pl=15537021; uid_id2=579d0324-e18b-49d3-a831-fc9251e581f0:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca981cc90b26126cbeaa22d88f6178a02=[3078189]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 13:54:50 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

unseenreport.com/pxf.gif?uuid=61fc771f-056a-4be9-83ac-def34161a059&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=a981cc90b26126cbeaa22d88f6178a02&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13

192.243.61.227

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=61fc771f-056a-4be9-83ac-def34161a059&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=a981cc90b26126cbeaa22d88f6178a02&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=61fc771f-056a-4be9-83ac-def34161a059&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=a981cc90b26126cbeaa22d88f6178a02&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 13:54:50 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e5f1e5a083f2a2c826794331dc48a057
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=61fc771f-056a-4be9-83ac-def34161a059&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3914ae10bf633009de6069ed0bb8ca33&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13

192.243.61.227

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=61fc771f-056a-4be9-83ac-def34161a059&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3914ae10bf633009de6069ed0bb8ca33&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=61fc771f-056a-4be9-83ac-def34161a059&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3914ae10bf633009de6069ed0bb8ca33&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 13:54:50 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b2a37342aefcb46f7a7b837d95e3f139
Strict-Transport-Security: max-age=0; includeSubdomains

www.statcounter.com/counter/counter.js

104.20.218.77

200 OK

0 B

URL HTTP/2
www.statcounter.com/counter/counter.js
IP
104.20.218.77:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /counter/counter.js HTTP/1.1
Host: www.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 13:54:50 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 12 Jan 2023 22:04:39 GMT
etag: W/"63c083f7-aa70"
expires: Sat, 14 Jan 2023 22:51:43 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 10987
server: cloudflare
cf-ray: 7896dda83d32fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2

jamesashpe.netlify.app/wp-content/themes/iconic-one/style.css

34.141.11.154

200 OK

0 B

URL HTTP/2
jamesashpe.netlify.app/wp-content/themes/iconic-one/style.css
IP
34.141.11.154:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/iconic-one/style.css HTTP/1.1
Host: jamesashpe.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/weber-county-plat-maps/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/css; charset=UTF-8
date: Sat, 14 Jan 2023 13:54:48 GMT
etag: "98fe9bba1d65a0128ffc51448c70c26c-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GPR8ZF13VN27TSTVAY2A31E6
X-Firefox-Spdy: h2

jamesashpe.netlify.app/wp-content/themes/iconic-one/js/selectnav.js

34.141.11.154

200 OK

0 B

URL HTTP/2
jamesashpe.netlify.app/wp-content/themes/iconic-one/js/selectnav.js
IP
34.141.11.154:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/iconic-one/js/selectnav.js HTTP/1.1
Host: jamesashpe.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/weber-county-plat-maps/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Sat, 14 Jan 2023 13:54:48 GMT
etag: "2e68f43ca5f7aefdc4917a22d9ef385b-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GPR8ZF1KYJ0XZPNG7WDC3NA8
X-Firefox-Spdy: h2

jamesashpe.netlify.app/wp-content/themes/iconic-one/custom.css

34.141.11.154

404 Not Found

0 B

URL HTTP/2
jamesashpe.netlify.app/wp-content/themes/iconic-one/custom.css
IP
34.141.11.154:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/iconic-one/custom.css HTTP/1.1
Host: jamesashpe.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/weber-county-plat-maps/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 14 Jan 2023 13:54:48 GMT
etag: 1592756346-ssl-df
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GPR8ZF14CJ3W6D876E2RNMWV
X-Firefox-Spdy: h2

c.statcounter.com/t.php?sc_project=12357737&u1=0947A8060D954FBCE4F9045F10F56C4B&java=1&security=faac8bec&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//jamesashpe.netlify.app/weber-county-plat-maps/&t=Weber%20County%20Plat%20Maps%20%E2%80%93%20Map%20Of%20California%20Coast%20Cities&invisible=1&sc_rum_e_s=3069&sc_rum_e_e=3074&sc_rum_f_s=0&sc_rum_f_e=3061&get_config=true

104.20.218.77

200 OK

0 B

URL HTTP/2
c.statcounter.com/t.php?sc_project=12357737&u1=0947A8060D954FBCE4F9045F10F56C4B&java=1&security=faac8bec&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//jamesashpe.netlify.app/weber-county-plat-maps/&t=Weber%20County%20Plat%20Maps%20%E2%80%93%20Map%20Of%20California%20Coast%20Cities&invisible=1&sc_rum_e_s=3069&sc_rum_e_e=3074&sc_rum_f_s=0&sc_rum_f_e=3061&get_config=true
IP
104.20.218.77:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /t.php?sc_project=12357737&u1=0947A8060D954FBCE4F9045F10F56C4B&java=1&security=faac8bec&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//jamesashpe.netlify.app/weber-county-plat-maps/&t=Weber%20County%20Plat%20Maps%20%E2%80%93%20Map%20Of%20California%20Coast%20Cities&invisible=1&sc_rum_e_s=3069&sc_rum_e_e=3074&sc_rum_f_s=0&sc_rum_f_e=3061&get_config=true HTTP/1.1
Host: c.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jamesashpe.netlify.app
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 14 Jan 2023 13:54:51 GMT
content-type: application/json
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
expires: Mon, 26 Jul 1997 05:00:00 GMT
set-cookie: is_unique=sc12357737.1673704491.0; SameSite=None; Secure; Expires=Thursday, 13-Jan-2028 19:24:51 IST; Path=/; Domain=.statcounter.com
is_visitor_unique=1673704491150439015; SameSite=None; Secure; Expires=Monday, 13-Jan-2025 19:24:51 IST; Path=/; Domain=.statcounter.com
access-control-allow-origin: https://jamesashpe.netlify.app
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7896ddac88e8fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2

jamesashpe.netlify.app/weber-county-plat-maps/

34.141.11.154

200 OK

0 B

URL HTTP/2
jamesashpe.netlify.app/weber-county-plat-maps/
IP
34.141.11.154:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /weber-county-plat-maps/ HTTP/1.1
Host: jamesashpe.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 14 Jan 2023 13:54:47 GMT
etag: "2d817c2cc1563d044fca271a7aa055e1-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GPR8ZERZ68XQM3K3V9WV976Y
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Ubuntu%3A400%2C700&subset=latin%2Clatin-ext

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Ubuntu%3A400%2C700&subset=latin%2Clatin-ext
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Ubuntu%3A400%2C700&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 14 Jan 2023 13:54:48 GMT
date: Sat, 14 Jan 2023 13:54:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (79)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type